roy liang via FreeIPA-users wrote: > What is the access mechanism of kdc? For example, I have the following > configuration. When a kdc user logs in, is his access mechanism sequential or > random or hash access? > So when will the second visit, the third visit...Or the last one? > Or will you only access the second one when the first one fails? > Is there any documentation? I looked up the documentation, and it doesn't > specify this, because I don't know how to optimize and determine where the > problem is when the number of connections is under pressure. > Ask for help, thank you!
IIRC it always starts at the top and on failure the Kerberos client will try the next kdc in the list. IMHO you are much better off using DNS discovery for finding the KDCs. https://web.mit.edu/kerberos/krb5-latest/doc/admin/realm_config.html rob > > ..... > [realms] > YYDEVOPS.COM = { > > admin_server = kdc01.xx.com > > kdc = kdc01.xx.com:41012 > kdc = kdc01.xx.com:41013 > kdc = kdc01.xx.com:41011 > kdc = kdc01.xx.com:41014 > kdc = kdc01.xx.com:88 > > kdc = kdc02.xx.com:88 > kdc = kdc03.xx.com:88 > kdc = kdc04.xx.com:88 > } > ..... > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
